How to fix these SE Linux policy changes?

[  240.889647] rfkill: BT RF going to : off    
[  240.890362] init: Service 'start_hci_filter' (pid 6174) exited with status 0    
[  240.890381] init: Sending signal 9 to service 'start_hci_filter' (pid 6174) process group...    
[  240.890559] libprocessgroup: Successfully killed process cgroup uid 1002 pid 6174 in 0ms    
[  240.911163] type=1400 audit(1571950902.476:83): avc: denied { ioctl } for pid=3189 comm="HwBinder:3189_2" path="socket:[94877]" dev="sockfs" ino=94877 ioctlcmd=0x8004 scontext=u:r:hal_bluetooth_default:s0 tcontext=u:r:hal_bluetooth_default:s0 tclass=unix_stream_socket permissive=0    
[  240.915236] init: processing action (vendor.wc_transport.start_hci=false) from (/vendor/etc/init/hw/init.freescale.rc:243)    
[  242.057186] rfkill: BT RF going to : on    
[  242.061075] mxc_bt_rfkill_reset    
[  242.696465] type=1400 audit(1571950902.476:83): avc: denied { ioctl } for pid=3189 comm="HwBinder:3189_2" path="socket:[94877]" dev="sockfs" ino=94877 ioctlcmd=0x8004 scontext=u:r:hal_bluetooth_default:s0 tcontext=u:r:hal_bluetooth_default:s0 tclass=unix_stream_socket permissive=0    
[  242.721817] type=1400 audit(1571950904.288:84): avc: denied { add_name } for pid=3189 comm="HwBinder:3189_1" name="bt_fw_version.txt" scontext=u:r:hal_bluetooth_default:s0 tcontext=u:object_r:bluetooth_data_file:s0 tclass=dir permissive=0    
[  243.036818] init: processing action (vendor.wc_transport.start_hci=true) from (/vendor/etc/init/hw/init.freescale.rc:240)    
[  243.048504] init: starting service 'start_hci_filter'...    
[  244.230254] rfkill: BT RF going to : off

How do I resolve these policy changes?

allow  HwBinder:3189_2 hal_bluetooth_default : capability {ioctl}
allow  HwBinder:3189_1 bluetooth_data_file: capability {add_name}

Any ideas what I am missing here?

The syntax is:

allow <type of source> <type of target>:<class of target> {<list of actions>};

So in your case:

allow hal_bluetooth_default hal_bluetooth_default:unix_stream_socket {ioctl};
allow hal_bluetooth_default bluetooth_data_file:dir {add_name};
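
Added example (not part of the original answer): a small Python sketch that applies the syntax above to AVC denial lines, taking the source and target types from scontext/tcontext and the class from tclass, and merging repeated denials into one rule. The names `denials_to_rules` and `context_type` are hypothetical; the sample lines are copied from the log in the question.

```python
import re

# Sample input: lines copied from the question's log (one denial appears twice).
SAMPLE_LOG = """\
[  240.911163] type=1400 audit(1571950902.476:83): avc: denied { ioctl } for pid=3189 comm="HwBinder:3189_2" path="socket:[94877]" dev="sockfs" ino=94877 ioctlcmd=0x8004 scontext=u:r:hal_bluetooth_default:s0 tcontext=u:r:hal_bluetooth_default:s0 tclass=unix_stream_socket permissive=0
[  242.057186] rfkill: BT RF going to : on
[  242.696465] type=1400 audit(1571950902.476:83): avc: denied { ioctl } for pid=3189 comm="HwBinder:3189_2" path="socket:[94877]" dev="sockfs" ino=94877 ioctlcmd=0x8004 scontext=u:r:hal_bluetooth_default:s0 tcontext=u:r:hal_bluetooth_default:s0 tclass=unix_stream_socket permissive=0
[  242.721817] type=1400 audit(1571950904.288:84): avc: denied { add_name } for pid=3189 comm="HwBinder:3189_1" name="bt_fw_version.txt" scontext=u:r:hal_bluetooth_default:s0 tcontext=u:object_r:bluetooth_data_file:s0 tclass=dir permissive=0
"""

# Pull the permission list, both contexts and the object class out of one AVC line.
AVC_RE = re.compile(
    r"avc:\s+denied\s+\{(?P<perms>[^}]*)\}.*?"
    r"scontext=(?P<s>\S+)\s+tcontext=(?P<t>\S+)\s+tclass=(?P<cls>\S+)"
)


def context_type(ctx):
    """An SELinux context is user:role:type:level; the rule needs the type."""
    return ctx.split(":")[2]


def denials_to_rules(log_text):
    """Return one allow rule per (source type, target type, class) seen in the log."""
    merged = {}  # (source type, target type, class) -> set of denied permissions
    for line in log_text.splitlines():
        m = AVC_RE.search(line)
        if not m:
            continue  # not an AVC denial (init, rfkill, ...)
        key = (context_type(m["s"]), context_type(m["t"]), m["cls"])
        merged.setdefault(key, set()).update(m["perms"].split())
    return [
        f"allow {s} {t}:{c} {{ {' '.join(sorted(perms))} }};"
        for (s, t, c), perms in sorted(merged.items())
    ]


if __name__ == "__main__":
    for rule in denials_to_rules(SAMPLE_LOG):
        print(rule)
```

Note that `comm=` (for example `HwBinder:3189_2`) is only the thread name and never appears in the rule; the source is the type inside `scontext`.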